#15060: csrftoken cookie not being sent over SSL ----------------------------+----------------------------------------------- Reporter: burhan | Owner: nobody Status: new | Milestone: Component: Core framework | Version: 1.2 Keywords: csrf ssl https | Stage: Unreviewed Has_patch: 0 | ----------------------------+----------------------------------------------- SESSION_COOKIE_SECURE setting is not being used for the csrftoken, causing it to be sent over HTTP. I believe this is the reason why I keep getting 'Looks like your browser isn't configured to accept cookies. Please enable cookies, reload this page, and try again.' errors when trying to login on the django admin.
Test environment: glassfishv3 jython 2.5.2.rc2 django-jython 1.1.2 (against Oracle backend) django 1.2.3 Windows Note: no other servers are being used, glassfish is exclusively for django use (so no PHP mhash problems). -- Ticket URL: <http://code.djangoproject.com/ticket/15060> Django <http://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-updates?hl=en.
